Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Capital One Data Breach Disclosure

Cybersecurity Threat Advisory: Capital One Data Breach Disclosure

Overview: On Monday June 29, 2019, Capital One (a financial services company that handles credit cards for their own brand and many 3rd-Party brands) publicly disclosed a significant data breach exposing personally identifiable information for millions of their customers. The...

/ July 30, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Router Attack has Hijacked over 180,000 Brazilian routers

Cybersecurity Threat Advisory: Router Attack has Hijacked over 180,000 Brazilian routers

Advisory Overview Threat actors have been changing settings on home and small-business routers manufactured by D-Link in order to re-route users to malicious websites. The changes are made after a user loads a website that contains a “poisoned” advertisement –...

/ July 25, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Lenovo-EMC Device Storage Leak Vulnerability

Cybersecurity Threat Advisory: Lenovo-EMC Device Storage Leak Vulnerability

Advisory Overview Several different Lenovo-EMC Network Attached Storage (NAS) devices – including those from the Iomega NAS device line – have critical vulnerabilities that must be patched. These devices, if left unpatched, have the ability to allow a threat actor...

/ July 23, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Zoom Conferencing Software Vulnerability Disclosure

Cybersecurity Threat Advisory: Zoom Conferencing Software Vulnerability Disclosure

What is the threat As reported by security researcher Johnathan Leitschuh via his Medium account, current Zoom Conferencing client software versions on Macintosh systems have a known vulnerability that allows a malicious actor to force-join a user to a new...

/ July 10, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Threat Actors Have Obtained Cellular Network Customer Data

Cybersecurity Threat Advisory: Threat Actors Have Obtained Cellular Network Customer Data

What is the threat? A long-term, focused theft of call detail records from hacked cell network providers has been uncovered by a group of cybersecurity researchers. Threat actors stole massive amounts of call detail records including – but not limited...

/ July 3, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Microsoft Excel Power Query Vulnerability

Cybersecurity Threat Advisory: Microsoft Excel Power Query Vulnerability

What is the threat? A feature in Microsoft Excel called Power Query is vulnerable to attack by threat actors leveraging the way this feature accesses data outside the spreadsheet that it resides in. Power Query is a legitimate feature; which...

/ July 3, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Ransomware Gang Hacks MSPs to Deploy Ransomware to Customers

Cybersecurity Threat Advisory: Ransomware Gang Hacks MSPs to Deploy Ransomware to Customers

What is the threat? A group of threat actors has targeted customers of Managed Service Providers (MSPs) using Remote Desktop Protocol (RDP) to provide remote assistance and technical support. In this case, the threat actors specifically targeted the SecureAnyware technology...

/ June 25, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Healthcare Providers Fall Victim to Ransomware Attacks

Cybersecurity Threat Advisory: Healthcare Providers Fall Victim to Ransomware Attacks

What is the threat? There has been a significant increase in ransomware attacks in recent months and the healthcare industry appears to be the prime target for these hackers. SKOUT CYBERSECURITY is tracking a recent trend where medical providers and...

/ June 25, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: DNSpionage Malware Finds New Way to Avoid Detection.

Cybersecurity Threat Advisory: DNSpionage Malware Finds New Way to Avoid Detection.

What is the threat? An attack campaign called DNSpionage – first detected in November 2018 – has recently resurfaced with new attack vectors and methodologies. This attack campaign redirects users via unauthorized DNS modification to malicious versions of job posting...

/ June 17, 2019
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: AMCA Healthcare Hack

Cybersecurity Threat Advisory: AMCA Healthcare Hack

What is the threat? The compromise of the American Medical Collection Agency (AMCA), a third-party bill collection vendor, has potentially impacted the personal data of over 20 million patients across three laboratory services providers. Why is this noteworthy? Personal data...

/ June 15, 2019